gnucash master: Bug 747377: Fix overly restrictive input validation for IBAN of SEPA transfer.
Christian Stimming
cstim at code.gnucash.org
Sun Apr 12 16:28:23 EDT 2015
Updated via https://github.com/Gnucash/gnucash/commit/c46c0a9e (commit)
from https://github.com/Gnucash/gnucash/commit/c97ab473 (commit)
commit c46c0a9e791fbea691c3816be432bbfbcc4fc8e5
Author: Christian Stimming <christian at cstimming.de>
Date: Sun Apr 12 22:26:31 2015 +0200
Bug 747377: Fix overly restrictive input validation for IBAN of SEPA transfer.
Only in some countries the IBAN is really restricted to numeric-only
(most notably in Germany, "DE"). In some other countries parts of the
IBAN may be alphas. These checks could be extended for more countries,
but since aqbanking with the SEPA transfers is used mostly in Germany,
we just leave it with the exception rule for Germany.
diff --git a/src/import-export/aqb/dialog-ab-trans.c b/src/import-export/aqb/dialog-ab-trans.c
index 93d1216..67a3687 100644
--- a/src/import-export/aqb/dialog-ab-trans.c
+++ b/src/import-export/aqb/dialog-ab-trans.c
@@ -1348,16 +1348,53 @@ gnc_ab_trans_dialog_ibanentry_filter_cb (GtkEditable *editable,
if (gnc_ab_trans_isSEPA(td->trans_type))
{
- // SEPA: Only alphas in the first two places (only upper case, though), then only digits
+ enum {
+ ALPHA
+ , ALNUM
+ , NUMERIC
+ } allowed_characterclass;
+
+ // SEPA: Only alphas in the first two places (at index 0, 1)
if (*position + i < 2)
{
- if (g_ascii_isalpha(c))
- g_string_append_c(result, g_ascii_toupper(c));
+ allowed_characterclass = ALPHA;
}
+ // SEPA: Next two places are digits only (index 2, 3)
+ else if (*position + i < 4)
+ {
+ allowed_characterclass = NUMERIC;
+ }
+ // SEPA: The rest depends on the country code: Either Alpha-numeric or numeric only
else
{
+ const gchar* acct_text = gtk_entry_get_text(GTK_ENTRY(td->recp_account_entry));
+ // Special case for German ("DE") IBAN: Numeric only. Otherwise allow alpha-numeric
+ if (acct_text[0] == 'D' && acct_text[1] == 'E')
+ {
+ allowed_characterclass = NUMERIC;
+ }
+ else
+ {
+ allowed_characterclass = ALNUM;
+ }
+ }
+
+ // Do the actual character class check. Alphas are only allowed in
+ // uppercase, though.
+ switch (allowed_characterclass)
+ {
+ case ALPHA:
+ if (g_ascii_isalpha(c))
+ g_string_append_c(result, g_ascii_toupper(c));
+ break;
+ case ALNUM:
+ if (g_ascii_isalnum(c))
+ g_string_append_c(result, g_ascii_toupper(c));
+ break;
+ case NUMERIC:
if (g_ascii_isdigit(c))
g_string_append_c(result, c);
+ break;
}
}
else
Summary of changes:
src/import-export/aqb/dialog-ab-trans.c | 43 ++++++++++++++++++++++++++++++---
1 file changed, 40 insertions(+), 3 deletions(-)
More information about the gnucash-changes
mailing list